diff -r ff14b97bdf14 -r 27e42da5050f src/server/util/uri.c
--- a/src/server/util/uri.c	Sun Feb 22 09:24:41 2026 +0100
+++ b/src/server/util/uri.c	Sun Feb 22 09:33:48 2026 +0100
@@ -230,40 +230,12 @@
 /* --------------------------- util_uri_escape ---------------------------- */
 NSAPI_PUBLIC char *util_uri_escape(char *od, const char *s)
 {
-    int flagDbcsUri = allow_dbcs_uri();
-    char *d;
-
+    size_t len = (strlen(s)*3) + 1;
     if (!od)
-        od = (char *) MALLOC((strlen(s)*3) + 1);
-    d = od;
+        od = (char *) MALLOC(len);
 
-    while (*s) {
-        if (strchr("% ?#:+&*\"'<>\r\n", *s)) {
-            util_sprintf(d, "%%%02x", (unsigned char)*s);
-            ++s; d += 3;
-        }
-#ifdef XP_WIN32
-        else if (flagDbcsUri && s[1] && IsDBCSLeadByte(s[0]))
-#else
-        // Treat any character with the high bit set as a DBCS lead byte
-        else if (flagDbcsUri && s[1] && (s[0] & 0x80))
-#endif
-	{
-            // Escape the second byte of DBCS characters.  The first byte will
-            // have been escaped already.  IE translates all unescaped '\\'s
-            // into '/'.
-            // Bug 353999
-            util_sprintf(d, "%%%02x%%%02x", (unsigned char)s[0], (unsigned char)s[1]);
-            s += 2; d += 6;
-        }
-        else if (0x80 & *s) {
-            util_sprintf(d, "%%%02x", (unsigned char)*s);
-            ++s; d += 3;
-        } else {
-            *d++ = *s++;
-        }
-    }
-    *d = '\0';
+    util_uri_escape_s(od, len, s);
+    
     return od;
 }